7558b5461646bde963f43b446476fc80098cc77dccca5ee097765af794297083

Analysis

max time kernel
143s
max time network
163s
platform
android_x64
resource
android-x64-arm64-20240624-es
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-eslocale:es-esos:android-11-x64system
submitted
22-11-2024 23:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Minecraft-1-21-2--ESPACIOAPK.ORG.apk
Size

246.5MB
MD5

9b4f55dc23a8cacdfb02e8325a8c166b
SHA1

fbec1dd5acb1965376838fc89b2370bddfb9897e
SHA256

7558b5461646bde963f43b446476fc80098cc77dccca5ee097765af794297083
SHA512

7daa31dcb35b483d0bbb456c8a311e13e24a259947bc98dd860f18b0ad07c7ed5420203c9ea82a332c2027aeece5fe07d1b99418a754cdc934caed8b42e90ece
SSDEEP

6291456:8m9NqNaO5HISEr7/t+rZcRGivYaIB6hDep1f6m5/qe0Wzw:HNqNaO5o9rZ+GGiQQY1f6Aqerzw

Score

8^/10

collection discovery evasion execution persistence

Malware Config

Signatures

Checks if the Android device is rooted. 1 TTPs 2 IoCs

evasion

System Information Discovery

T1426

ioc	Process
/sbin/su	com.mojang.minecraftpe
/system/bin/su	com.mojang.minecraftpe

Queries account information for other applications stored on the device 1 TTPs 1 IoCs

Application may abuse the framework's APIs to collect account information stored on the device.

collection

Stored Application Data

T1409

description	ioc	Process
Framework service call	android.accounts.IAccountManager.getAccountsAsUser	com.mojang.minecraftpe

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.mojang.minecraftpe

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.mojang.minecraftpe

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Schedules tasks to execute at a specified time 1 TTPs 1 IoCs

Application may abuse the framework's APIs to perform task scheduling for initial or recurring execution of malicious code.

execution persistence

Scheduled Task/Job

T1603

description	ioc	Process
Framework service call	android.app.job.IJobScheduler.schedule	com.mojang.minecraftpe

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.mojang.minecraftpe

com.mojang.minecraftpe
1⤵
- Checks if the Android device is rooted.
- Queries account information for other applications stored on the device
- Acquires the wake lock
- Queries information about active data network
- Schedules tasks to execute at a specified time
- Checks CPU information
PID:4438

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Stored Application Data

T1409

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.mojang.minecraftpe/cache/appboy.imageloader.lru.cache/journal.tmp

Filesize
31B

MD5
8c92de9ce46d41a22f3b20f77404cc1d

SHA1
8671a6dca00edb72be47363a7071be65cf270373

SHA256
68bb33ddeed9200be85a71f70b377985f9ee68e91578afbde8321463396f1274

SHA512
30f45fe9954215d6adafcc8f0a060a7ff41963a64f9b849a37f0d18fe045038d429ec13bf15226769c4ba78dad3c52f3d9e0dbbb4fcdea4828a1efe956e48f56

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events

Filesize
56KB

MD5
eb610c5e65a34a8a3115b23e22e63864

SHA1
dfd910b9742f53aebb12a28281d5ec267568fc46

SHA256
355233a996cb5179ca73ed6dc904bc984ce2a8241207850c9ae3f97814316fc7

SHA512
ec4e85f2df1420dd59318a82b651de763231e3ec68eb01a557a094e84437b2e43e0bd9bf1134ea2d24f0e7afb8219fde12954e5ba1aa35d55fabfe7fea1e81ae

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal

Filesize
16KB

MD5
d9e82daab2ba6e56d355e7a4a10223cc

SHA1
c81ec2e16e055f0cbecd863f7993e11c0f94b233

SHA256
1bb983c8aaa92c632f679472c6ef3bd983f6776f4ad3142ef0cee4f6cec7f52b

SHA512
b5e618ba8f3130aeca5f1045e8785ef1f87bce8b6f6737e450ba7164076b2e9345b38f5259dc23065939deb095505a47c689bd61d687e06813424f08ef8a3e8c

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal

Filesize
20KB

MD5
9d70070cf52a3e2838b27715065f2cd8

SHA1
c5867f12275cdc740eec1a9e1d8061260c6e53a0

SHA256
635bde39bc89de842e4a09fb10a775f3ca10593f00a1fa0b2cb9e56ab3d68984

SHA512
38001f451d53af188be9d775b89f0f908e2daae1847128fcb138ed878b4c408b8c7b46454b7775bcd74be6727e8f04c3c543e28794353cf72d5485833f10d886

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal

Filesize
24KB

MD5
8ae22e178f640243cfe9a99ef0a1049c

SHA1
a68072dffb9b8763ec48730d2fe2a0ef651de353

SHA256
253c0ecccf7f01483fc15369a60852fb24b05f0ac01b1d54ef9c92430a3f0438

SHA512
5c58029513b65e30ce9dcd435e3d4fc38d2269d67e1f787bbd1a9e5f9782b47d8ff853f33ed2eb10e9389aac8bc131cf4554f3a0f13238d12aa42b247943aa5e

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
d955e4f4d485c8f33397fde7948a7a83

SHA1
31267b5433bacaed425f73778316e3c3e2f05cfe

SHA256
47cfcc29dbde2d7cae72e734f7baa3f1b5e30c6361a74fea9ed9da75ad164b56

SHA512
7e1d34fd45ddd986341a82a1413cf2cbf5bf442725806af023aad19f0999f1433439dde386f660b02fea758343fb0aa9dcb5e1df3d6d01d26d999d1c97e4f30c

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
db0808f6bea3d3e931ff19149848ab14

SHA1
02d7aaae03a02e9f83ed7f8bbabd68ca4ed16701

SHA256
322c3886ba81f434510411ff69c5fe0d38d2a432346efb36926fa436f6441742

SHA512
599f091b7128e68fcd654664c3682b674d478f47838a199b58a998715c25230d0edaf7756a4115a2af188d624220acfd4cb36b632a9954cb44826144120a24e1

Download Submit
/data/data/com.mojang.minecraftpe/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
a46e9fc2876c6f7f0efde006aad9c627

SHA1
d0c26f776464312ea3986acc6b0fa02126edb966

SHA256
cf6200cdd869546dc3dabddf2378d2c3fe3a5924016ed731375d88b71f0920e4

SHA512
f74be8b7e9f605ba6b0b2493ffc7c5e6e205a0ea6fbc5f0f574dce0da9a10946e4fd9411defee7fdc0af65adc71ff3c7d71e2d0ba2799064c2b03f587fa78163

Download Submit
/data/data/com.mojang.minecraftpe/files/PersistedInstallation2321093529046873734tmp

Filesize
570B

MD5
d2f80c60abf78678823563e8542d4745

SHA1
da663e0330dee6f79bbbe9b8b70366fade0f160a

SHA256
3e3dda7790d1debf364d1944c5db27c8276b5b4577073241aaa566a3d48d6add

SHA512
037259b99bcecb832473d0f685aebaf256e101dbdd03867b7e9c74a1b32973561f2e1533991f92f33b08bfc9d8bdd2209412a5598fed35f35e38eb6b05795bfd

Download Submit
/data/data/com.mojang.minecraftpe/files/PersistedInstallation446421688159240070tmp

Filesize
90B

MD5
35562bc189cf9d80baf682a9df01e569

SHA1
861460d08bf2700b49a0ae8fabfd2ad381155860

SHA256
1e1e8154763fd6d107f6cfd6d5ada6f68f764760457eab5673435d15aa1210fa

SHA512
8233d38aa6db09bc293b9773ef4457d70d8f78055ce4cd8e464ec73e2763e4749a70201fa380ff2b66cc97e0f87d44cee2b75dc653e9e8e5742985d9509e612c

Download Submit
/data/data/com.mojang.minecraftpe/games/com.mojang/minecraftpe/external_servers.txt

Filesize
108B

MD5
856ffa6d400316dbbc68e89e61daa485

SHA1
c4bb37570072c7657fbb7fe8f94f2df60b3a7ebc

SHA256
67f0c3c782289991c5ba82394f77d4cb112f58bcccbc9cc2c0ddd1d3cc373e69

SHA512
ee0f8483a7f0990f1ef462e1dd4b373ef80033a4551bd70e6cd1a5a03c4d72fe62b6c6979c8812dede35093bb82e78f02a961d3af7d948794d89d26e2fcf5b01

Download Submit
/data/data/com.mojang.minecraftpe/shared_prefs/com.appboy.storage.user_cache.v3.27c78d7af27ec38b35b865fe5cb91685.7e90f2bd-d27b-4010-a501-a8e30021418a.xml

Filesize
65B

MD5
9781ca003f10f8d0c9c1945b63fdca7f

SHA1
4156cf5dc8d71dbab734d25e5e1598b37a5456f4

SHA256
3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

SHA512
25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

Download Submit
/data/data/com.mojang.minecraftpe/shared_prefs/com.google.android.gms.appid.xml

Filesize
372B

MD5
548067ab0c1aefce43b022c126f081f0

SHA1
24a9282a5b1d891246907e23e044952c01166541

SHA256
964fb68a98856fd85e0fa49ffc0222d0e7f7a796939f36ab7ee94bbf985d5aa9

SHA512
dc3bb6c6105e3fcd9299c85f7f384e911846b6e9129c1c6b21b3a5fb4a6530065e289e9320b5d911500745a013536f415210796b2ba315aa10f603dcb14b2d00

Download Submit
/data/data/com.mojang.minecraftpe/shared_prefs/com.mojang.minecraftpe_preferences.xml

Filesize
140B

MD5
ec474d9fb23a160372fa305ba7fd7498

SHA1
813638ace5c4665d82b6cf479600dff21d2dabd9

SHA256
17033462c45f431440278d30e2e181384c097ac2fc98dc9a9fd5887c4bc8ff2f

SHA512
3b6e96e3af98df38ae9986277f239bd4334f70366e480a34cc41fdf55e7859b7393f9742d465548c854fab11d3fcd36c26eb438289f992ac3177f7ab7454ca68

Download Submit
socket:[72925]

Filesize
58B

MD5
3f28808b17cc41f00d71e856db879dfb

SHA1
6face5204e6cb91763853915698f4fb6d76ac535

SHA256
f0ed5a4c71aa13f0c2c5e19721719c93155c84eed4f5583d978b3a5ce94e647f

SHA512
d9d7a48d34c016e980987eb9375d3229b7eae8662a29d642996f24d9a171c4c4932f028ecb745211cd811cddfca5eb90ad3b2dea35f3d95bc4c5e6811577d756

Download Submit
socket:[74011]

Filesize
37B

MD5
43b3a6555366e5004c07631ebf0dd167

SHA1
ca68b54b9bed9a6952c5d011e79f949fbf865643

SHA256
15633f0fcfb7d7826f35c7a5f39b6349e8de2e15d2cc4bec5bcb7f44c4b7b835

SHA512
22dbe92258789b4ddb9bfe907789427114fd169da66b6460949cd8e541e94dff7509059f613f6401e507dde6d7a2ffc4742ca2da84e8fe54479ec83377b9b24a

Download Submit
socket:[74403]

Filesize
48B

MD5
2b5c438bf1b672ca09960d5a082f1711

SHA1
e9ec5db181d3330db4d48a27090ad0a1acad01fe

SHA256
4023e17fdcec5658306e289bd07988de7dfb0b94c0d9dcce98ea1280706d1671

SHA512
9779fca5094483fab29a8263da7826d532ccf3e735fa24f94b87543cd098881153967662ae6b8a915401e9eec4c597f1d4db8bf438d8b9eae25e268e1e105ba6

Download Submit
socket:[75469]

Filesize
48B

MD5
8770702f2fee4545faa9681e4b740ca5

SHA1
a53b2c498fc45d0474db6737fa50a7b0e1bfd347

SHA256
5af1f58b2ee49236593e17d9358a44a45687a33836602c4ac8d4a1793eb038ca

SHA512
21f50685a4e1fee9e0ebe2ea84cb5f2b8599ca5f958b2245e9a9d1c60de2b563ddf4eadf292231cefd3802e927da14b2bebd3c127c96c7d73bae42250f4f3c93

Download Submit
socket:[79684]

Filesize
56B

MD5
5e929c36cf1f7be5774a6c63e341c0aa

SHA1
d8a43e2164d68d02548f5d438c2e2ec57abf78a4

SHA256
f6cb9d0704a7b99dddcb01be13573257ad06195cb8a64153668f7b5eca6ea499

SHA512
9f0c3c88406de2121a61f6c16bc71827e24cadf260cd22765cc008edb1d56b2fc8cd08e7da0b6f346af379c1e641daf446ad62448efd22ea2e95a821b04446ce

Download Submit
socket:[82503]

Filesize
58B

MD5
c9dcfb0441c9e8f3cc9cb0aa758e4d04

SHA1
6d30dc05728172ae44bd12fca1beaf2907e1a5c3

SHA256
ddc1336c856b256dfbec500f434bf5cdd15f974b6504aeaa605e303b6b7c59f8

SHA512
f8e4da81e4839a07e109f1de608a024f2db79fc3aeea2d97d1786065de4b6238dfe67d1101227d2b2f3bdcf3f75ba783c433f1549dfeaf0a6bbe60f6ad65fc72

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads